daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

patch-14
ghost 2024-11-06 17:45:16 +00:00
parent 54ee7f53be
commit 0630896f7d
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@ -1762,6 +1762,7 @@
{"ID":"CVE-2022-27984","Info":{"Name":"Cuppa CMS v1.0 - SQL injection","Severity":"critical","Description":"CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-27984.yaml"}
{"ID":"CVE-2022-27985","Info":{"Name":"Cuppa CMS v1.0 - SQL injection","Severity":"critical","Description":"CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-27985.yaml"}
{"ID":"CVE-2022-28032","Info":{"Name":"Atom CMS v2.0 - SQL Injection","Severity":"critical","Description":"AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-28032.yaml"}
{"ID":"CVE-2022-28033","Info":{"Name":"Atom.CMS 2.0 - SQL Injection","Severity":"critical","Description":"Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php which allows an attacker to execute arbitrary SQL commands.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-28033.yaml"}
{"ID":"CVE-2022-28079","Info":{"Name":"College Management System 1.0 - SQL Injection","Severity":"high","Description":"College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-28079.yaml"}
{"ID":"CVE-2022-28080","Info":{"Name":"Royal Event - SQL Injection","Severity":"high","Description":"Royal Event is vulnerable to a SQL injection vulnerability.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-28080.yaml"}
{"ID":"CVE-2022-28117","Info":{"Name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","Severity":"medium","Description":"Navigate CMS 2.9.4 is susceptible to server-side request forgery via feed_parser class. This can allow a remote attacker to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter, thus enabling possible theft of sensitive information, data modification, and/or unauthorized operation execution.\n","Classification":{"CVSSScore":"4.9"}},"file_path":"http/cves/2022/CVE-2022-28117.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
a6840cee68528826a7a81eb7c14f51e7
07c93a43d44b1cb9a1a1c91c7615aaa3